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CLAIM LISTING 

This listing of claims will replace all prior versions, and listings of claims In the 
application: 

AMENDMENTS TO THE CLAIMS 

1 . (Currently Amended) A system of securely using decryption keys during 
configuration of an integrated circuit having programmable logic, comprises: 

a microcontroller within the integrated circuit for receiving an encrypted 
bitstream; 

a key storage register coupled to the microcontroller for storing key data; 

a decryptor coupled to the key storage register, wherein only the decryptor 
reads from the key storage register; and 

a configuration data register in the integrated circuit, wherein the configuration 
data register cannot be read by the microcontroller after the decryptor is used, 

wherein the decryptor is a software decryptor stored in a memory and executed 
by the microcontroller, wherein the system further comprises hardware . Independent of 
the microcontroller that s e lect i v el y allows the microcontroller enab l es access to the 
key storage register bv unblockino a sional path couplino the microcontroller and the 
kev storage reoister bv a l lowino tho m i crooontro ll Qr acooBs when a program counter of 
the microcontroller specifies an address within an address range corresponding to the 
software decryptor within the memor v and disallows the microcontroller access to the 
kev storage register bv blocking the sional path coupling the microcontroller and the 
kev storage register . 

2. (Original) The system of claim 1 wherein the microcontroller stores key data in 
the key storage register, but the microcontroller cannot read from the key storage 
register. 

3. (Previously Presented) The system of claim 2. wherein the decryptor is a 
hardware decryptor embedded in the integrated circuit. 
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4. Cancelled. 

5. (Currently Amended) The system of claim [[4]L1, wherein the memory Is a 
ROM having a decryption engine. 

6. (Previously Presented) The system of claim 1 , wherein the microcontroller 
further receives a configuration boot program comprising the decryptor in 
programmatic form along with the encrypted bitstream comprising encrypted 
configuration data to be loaded into the configuration data register. 

7. (Previously Presented) The system of claim 1 , wherein the microcontroller, the 
key register, the decryptor. and the configuration data register are all within the 
integrated circuit. 

8. (Previously Presented) The system of claim 1 , wherein the microcontroller is an 
emulated microcontroller in the integrated circuit. 

9. (Currently Amended) A system of securely using decryption keys during 
configuration of an integrated circuit having programmable logic, comprising: 

a microcontroller within the integrated circuit for receiving an encrypted 
bitstream; 

a key storage register coupled to the microcontroller for storing key data; 

a decryption program stored in a memory that uses a predetermined memory 
address to enable access to the key storage register; and 

a configuration data register in the integrated circuit, wherein the configuration 
data register cannot be read by the microcontroller after the decryption program is 
used; 

wherein access to the key storage register by the microcontroller is allowed only 
when a program counter of the microcontroller specifies an address within an address 
range corresponding to the decryption program in the memory bv unblockino a sional 
path coupling the microcontroller and the kev storaae register 



3 



X-1435 US 
10/714.380 



PATENT 
Conf.No,: 1825 



wherein access to the key storage register bv the microcontroller is disallowed 
when the program counter of the microcontroller specifies an address outside of an 
address range con^espondino to the decryption program in the memory bv blocking the 
signal oath coupling the microcontroller and the key storage register , 

10. (Original) The system of claim 9, wherein the memory is a ROM containing a 
decryption engine. 

1 1 . (Original) The system of claim 9, wherein the microcontroller further receives a 
configuration boot program along with the encrypted bitstream, 

12. (Cun^ently Amended) A method of securely using decryption keys during 8el4 
programmab l e gato array configuration of an integrated circuit comprising 
programmable logic , comprising the steps of: 

receiving an encrypted bitstream at a microcontroller within the field 
programmable gate array; 

loading a decryptor with data from a key register; 

loading the decryptor with data from the microcontroller; [[and]] 

loading a configuration data register with a decrypted bitstream from the 
decryptor, wherein the configuration data register cannot be read by the 
microcontroller after the decryptor is used; [[and]] 

ooloct i voly enabling access to the key register by unblocking a signal path 
coupling a MewinQ the microcontroller and the key register a eeess only when a program 
counter of the microcontroller specifies an address within an address range of the 
decrypto r: and 

disabling access to the key register bv blocking the signal path coupling the 

microcontroller and the key register when the program counter of the microcontroller 
specifies an address outside of the address range of the decyptor . 

13. (Original) The method of claim 12, wherein the method further comprises the 
step of loading the key register with key data from the microcontroller. 
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14. (Previously Presented) The method of claim 12, wherein the configuration data 
register cannot be read by the microcontroller while the decryptor is used. 

1 5. (Original) The method of claim 1 2, wherein the microcontroller cannot read 
from the l^ey register. 

16. (Currently Amended) The method of claim 12, wherein only the decryptor can 
read from the key storage register. 

17. Cancelled. 

1 8. (Currently Amended) A system of securely using decryption keys during 
p'rogrammablo l ogic d e v i c e configuration of an inteorated circuit comprising 
programmable logic , comprises: 

a memory-mapped key register coupled to a microcontroller data bus; 

a decryptor engine stored in non-volatile memory and coupled to the 
microcontroller data bus; and 

logic circuitry limiting access to the key register from the microcontroller data 
bus using specified addresses of the non-volatile memory corresponding to the 
decryptor engine and a received program counter value of a microcontroller^ 

wherein the loaic circuitrv selectivelv blocks or unblocks a signal oath coupling 
the microcontroller data bus and the kev register according to the specified addresses 
of the non-volatile memorv con^espondino to the decrvotor engine and the program 
counter value . 

19. (Previously Presented) The system of claim 18, wherein the logic circuitry uses 
specified addresses of the non-volatile memory by limiting access to minimum and 
maximum ROIVI memory addresses using the microcontroller program counter. 
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20. (Currently Amended) A computer-readable medium comprising instructions 
written thereon in the form of a bitstream that configures an integrated circuit 
comDrising proarammable logic a proarammab l o l ogic dovicQ . the computer-readable 
medium comprising: 

a configuration boot program portion of the bitstream that runs a microcontroller 
on the integrated circuit p rogrammab le logic d e v i c e; and 

an encrypted bitstream portion of the bitstream containing encrypted 
configuration data that when decrypted and loaded into a configuration data register 
on the integrated circuit p rogrammablo l ogic dov i oo configures the programmable logic 
devlee, 

wherein the configuration boot program further comprises instructions for a 
decryptor, wherein the configuration boot program stores the instmctions for the 
decryptor in a memory, wherein the decryptor is executed by a microcontroller and 
decrypts the encrypted bitstream using key data stored within a key storage register, 
and wherein access to the key storage register by the microcontroller is selectively 
permitted bv blocking or unblocking a signal path coupling the microcontroller to the 
key storage register according to whether w heR a program counter of the 
microcontroller specifies an address within an address range corresponding to the 
decryptor within the memory. 

21. (Cancelled) 

22. (Previously Presented) The computer-readable medium of claim 20, wherein 
the configuration boot program comprises instructions for a decompressor. 
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